📄 wikicontext.java
字号:
try { // super.clone() must always be called to make sure that inherited objects // get the right type WikiContext copy = (WikiContext)super.clone(); // No need to deep clone these copy.m_engine = m_engine; copy.m_command = m_command; // Static structure copy.m_template = m_template; copy.m_variableMap = (HashMap<String,Object>)m_variableMap.clone(); copy.m_request = m_request; copy.m_session = m_session; copy.m_page = (WikiPage)m_page.clone(); copy.m_realPage = (WikiPage)m_realPage.clone(); return copy; } catch( CloneNotSupportedException e ){} // Never happens return null; } /** * Returns the WikiSession associated with the context. * This method is guaranteed to always return a valid WikiSession. * If this context was constructed without an associated * HttpServletRequest, it will return {@link WikiSession#guestSession(WikiEngine)}. * * @return The WikiSession associate with this context. */ public WikiSession getWikiSession() { return m_session; } /** * This method can be used to find the WikiContext programmatically * from a JSP PageContext. We check the request context. * The wiki context, if it exists, * is looked up using the key * {@link com.ecyrd.jspwiki.tags.WikiTagBase#ATTR_CONTEXT}. * * @since 2.4 * @param pageContext the JSP page context * @return Current WikiContext, or null, of no context exists. */ public static WikiContext findContext( PageContext pageContext ) { HttpServletRequest request = (HttpServletRequest) pageContext.getRequest(); WikiContext context = (WikiContext)request.getAttribute( WikiTagBase.ATTR_CONTEXT ); return context; } /** * Returns the permission required to successfully execute this context. * For example, the a wiki context of VIEW for a certain page means that * the PagePermission "view" is required for the page. In some cases, no * particular permission is required, in which case a dummy permission will * be returned ({@link java.util.PropertyPermission}<code> "os.name", * "read"</code>). This method is guaranteed to always return a valid, * non-null permission. * @return the permission * @since 2.4 */ public Permission requiredPermission() { // This is a filthy rotten hack -- absolutely putrid if ( WikiCommand.INSTALL.equals( m_command ) ) { // See if admin users exists boolean adminExists = false; try { UserManager userMgr = m_engine.getUserManager(); UserDatabase userDb = userMgr.getUserDatabase(); userDb.findByLoginName( Installer.ADMIN_ID ); adminExists = true; } catch ( NoSuchPrincipalException e ) { return DUMMY_PERMISSION; } if ( adminExists ) { return new AllPermission( m_engine.getApplicationName() ); } } // TODO: we should really break the contract so that this // method returns null, but until then we will use this hack if ( m_command.requiredPermission() == null ) { return DUMMY_PERMISSION; } return m_command.requiredPermission(); } /** * Associates a target with the current Command and returns * the new targeted Command. If the Command associated with this * WikiContext is already "targeted", it is returned instead. * @see com.ecyrd.jspwiki.ui.Command#targetedCommand(java.lang.Object) * * {@inheritDoc} */ public Command targetedCommand( Object target ) { if ( m_command.getTarget() == null ) { return m_command.targetedCommand( target ); } return m_command; } /** * Checks whether the current user has access to this wiki context, * by obtaining the required Permission ({@link #requiredPermission()}) * and delegating the access check to * {@link com.ecyrd.jspwiki.auth.AuthorizationManager#checkPermission(WikiSession, Permission)}. * If the user is allowed, this method returns <code>true</code>; * <code>false</code> otherwise. If access is allowed, * the wiki context will be added to the request as an attribute * with the key name {@link com.ecyrd.jspwiki.tags.WikiTagBase#ATTR_CONTEXT}. * Note that this method will automatically redirect the user to * a login or error page, as appropriate, if access fails. This is * NOT guaranteed to be default behavior in the future. * @param response the http response * @return the result of the access check * @throws IOException In case something goes wrong */ public boolean hasAccess( HttpServletResponse response ) throws IOException { return hasAccess( response, true ); } /** * Checks whether the current user has access to this wiki context (and * optionally redirects if not), by obtaining the required Permission ({@link #requiredPermission()}) * and delegating the access check to * {@link com.ecyrd.jspwiki.auth.AuthorizationManager#checkPermission(WikiSession, Permission)}. * If the user is allowed, this method returns <code>true</code>; * <code>false</code> otherwise. If access is allowed, * the wiki context will be added to the request as attribute * with the key name {@link com.ecyrd.jspwiki.tags.WikiTagBase#ATTR_CONTEXT}. * @return the result of the access check * @param response The servlet response object * @param redirect If true, makes an automatic redirect to the response * @throws IOException If something goes wrong */ public boolean hasAccess( HttpServletResponse response, boolean redirect ) throws IOException { AuthorizationManager mgr = m_engine.getAuthorizationManager(); boolean allowed = mgr.checkPermission( m_session, requiredPermission() ); ResourceBundle rb = getBundle(InternationalizationManager.CORE_BUNDLE); // Stash the wiki context if( allowed ) { if ( m_request != null && m_request.getAttribute( WikiTagBase.ATTR_CONTEXT ) == null ) { m_request.setAttribute( WikiTagBase.ATTR_CONTEXT, this ); } } // If access not allowed, redirect if( !allowed && redirect ) { Principal currentUser = m_session.getUserPrincipal(); Object[] arguments = { getName() }; if( m_session.isAuthenticated() ) { log.info("User "+currentUser.getName()+" has no access - forbidden (permission=" + requiredPermission() + ")" ); String pageurl = m_page.getName(); m_session.addMessage( MessageFormat.format( rb.getString("security.error.noaccess.logged"), arguments) ); response.sendRedirect( m_engine.getURL(WikiContext.LOGIN, pageurl, null, false ) ); } else { log.info("User "+currentUser.getName()+" has no access - redirecting (permission=" + requiredPermission() + ")"); String pageurl = m_page.getName(); m_session.addMessage( MessageFormat.format( rb.getString("security.error.noaccess"), arguments) ); response.sendRedirect( m_engine.getURL(WikiContext.LOGIN, pageurl, null, false ) ); } } return allowed; } /** * Returns true, if the current user has administrative permissions (i.e. the omnipotent * AllPermission). * * @since 2.4.46 * @return true, if the user has all permissions. */ public boolean hasAdminPermissions() { boolean admin = false; admin = m_engine.getAuthorizationManager().checkPermission( getWikiSession(), new AllPermission(m_engine.getApplicationName()) ); return admin; } /** * Figures out which template a new WikiContext should be using. * @param request the HTTP request */ protected void setDefaultTemplate( HttpServletRequest request ) { // FIXME: Most definitely this should be checked for // existence, or else it is possible to create pages that // cannot be shown. String defaultTemplate = m_engine.getTemplateDir(); // Figure out which template we should be using for this page. String template = null; if ( request != null ) { template = request.getParameter( "skin" ); } // If request doesn't supply the value, extract from wiki page if( template == null ) { WikiPage page = getPage(); if ( page != null ) { template = (String)page.getAttribute( WikiEngine.PROP_TEMPLATEDIR ); } } // If something over-wrote the default, set the new value. if ( template != null ) { setTemplate( template ); } else { setTemplate( defaultTemplate ); } } /** * Looks up and returns a PageCommand based on a supplied WikiPage and HTTP * request. First, the appropriate Command is obtained by examining the HTTP * request; the default is {@link PageCommand#VIEW}. If the Command is a * PageCommand (and it should be, in most cases), a targeted Command is * created using the (non-<code>null</code>) WikiPage as target. * @param engine the wiki engine * @param request the HTTP request * @param page the wiki page * @return the correct command */ protected static Command findCommand( WikiEngine engine, HttpServletRequest request, WikiPage page ) { String defaultContext = PageCommand.VIEW.getRequestContext(); Command command = engine.getCommandResolver().findCommand( request, defaultContext ); if ( command instanceof PageCommand && page != null ) { command = command.targetedCommand( page ); } return command; } /** * Protected method that updates the internally cached Command. * Will always be called when the page name, request context, or variable * changes. * @param requestContext the desired request context * @since 2.4 */ protected void updateCommand( String requestContext ) { if ( requestContext == null ) { m_command = PageCommand.NONE; } else { CommandResolver resolver = m_engine.getCommandResolver(); m_command = resolver.findCommand( m_request, requestContext ); } if ( m_command instanceof PageCommand && m_page != null ) { m_command = m_command.targetedCommand( m_page ); } } /** * Locates the i18n ResourceBundle given. This method interprets * the request locale, and uses that to figure out which language the * user wants. * @see com.ecyrd.jspwiki.i18n.InternationalizationManager * @param bundle The name of the bundle you are looking for. * @return A resource bundle object * @throws MissingResourceException If the bundle cannot be found */ // FIXME: This method should really cache the ResourceBundles or something... public ResourceBundle getBundle( String bundle ) throws MissingResourceException { Locale loc = Preferences.getLocale( this ); ResourceBundle b = m_engine.getInternationalizationManager().getBundle(bundle, loc); return b; } /** * Returns the locale of the HTTP request if available, * otherwise returns the default Locale of the server. * * @return A valid locale object * @param context The WikiContext */ public static Locale getLocale( WikiContext context ) { return Preferences.getLocale( context );/* HttpServletRequest request = context.getHttpRequest(); return ( request != null ) ? request.getLocale() : Locale.getDefault();*/ }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -